namespace Billing2
{
    using System;
    using System.Web.UI;
    using System.Web.UI.HtmlControls;

    public partial class PortalUnderMaintenance : Page
    {

        protected void Page_Load(object sender, EventArgs e)
        {
            this.Response.AppendHeader("Cache-Control", "no-store");
            this.Response.AppendHeader("Cache-Control", "no-cache");
#if !DEV
            this.Response.AppendHeader("Content-Security-policy", "default-src https: data: 'unsafe-inline' 'unsafe-eval'");
#endif

            //anti CSRF
            if (!this.Page.IsPostBack)
            {
                string anti_csrf = ClsPasswordHelper.Encrypt("anti_csrf" + MyLib.Rand.RandomInt(0, int.MaxValue - 1).ToString()).Replace("=", "").Replace("/", "").Replace("+", "");
                this.request_id.Value = anti_csrf;
                this.Session["request_id"] = anti_csrf;
            }
            else
            {
                if (this.Session["request_id"] == null || this.request_id.Value != this.Session["request_id"].ToString())
                {
                    EPPLog.Logger.Error(Common.EscapeLog(String.Format("Detecterd CSRF1. RawUrl={0} request_id={1} inSession={2}", this.Request.RawUrl, this.request_id.Value, this.Session["request_id"])));
                    base.Response.Redirect("logout.aspx", true);
                    return;
                }
            }
        }

        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);
            ViewStateUserKey = Session.SessionID;
        }
    }
}
